ICPs should be listed in a string serapared by space

mimemagic was yanked from rubygems, so this cause gitlab to fail building. To
make it possible to keep installing this old version of gitlab we get mimemagic
from git.

Project.with_builds_enabled.find_by(runners_token: TOKEN) is not working with project created since upgrade to gitlab v11.11.

Include Merge description message in merge by default. User can disable description in merge message by clicking on `Don't include description in commit message`.

Drop the merge title which is "Merge branch SOURCE into TARGET" and only keep the MR title as commit message.

From gitlab 8.12 there is new CI job permissions model which only accept login
from ci token for running job. Then the access is revoked after the job is finished.
In Nexedi, when have a lot of URLs which rely on gitlab-ci-token and project-runners-token, so
we need to re-allow access else access to all those URL will be refused.

More info are here: https://docs.gitlab.com/ee/user/project/new_ci_build_permissions_model.html#before-gitlab-8-12

TODO detect whether request comes from China and only then show ICP (?).

We show in small font size the same info that is shown on sign_in page:

    "GitLab Nexedi Edition", "About GitLab" and "About Nexedi"

This is good to have and hereby-introduced about-footer area will be
also used in the next patch for ICP too.

XXX placement of .about-footer to be near bottom is done not very
correctly.

Both fetch and push are possible over https, which is selected by http if
gitlab was configured to use https in external url.

This way to reduce security vectors and possible ways to interact with gitlab
we use https only without ssh at all.

= GitLab Community Edition + Nexedi patches

[ci skip]

Update Gitaly to v1.42.7 for security fix

See merge request gitlab/gitlabhq!3299

Fix gitlab api token recovery

See merge request gitlab/gitlabhq!3294

Fix migration-paths job for 11-11

See merge request gitlab-org/gitlab-ce!31475

v9.3.0 were using gemnasium-gitlab-service which was yanked on
rubygems

Resolves static-analysis warnings about caniuse-lite being outdated.

[ci skip]

[ci skip]

This reverts commit 9afc6928.

[ci skip]

Don't display badges when builds are restricted

See merge request gitlab/gitlabhq!3186

Extract SanitizeNodeLink and apply to WikiLinkFilter

See merge request gitlab/gitlabhq!3202

Do not allow localhost url redirection in GitHub Integration

See merge request gitlab/gitlabhq!3207

Server Side Request Forgery mitigation bypass

See merge request gitlab/gitlabhq!3214

MR pipeline permissions

See merge request gitlab/gitlabhq!3217

Drop feature to take ownership of a trigger token

See merge request gitlab/gitlabhq!3228

Merge branch 'security-2873-restrict-slash-commands-to-users-who-can-log-in-11-11' into '11-11-stable'

Restrict slash commands to users who can log in

See merge request gitlab/gitlabhq!3239

Filter params in MR build service

See merge request gitlab/gitlabhq!3255

Do not show moved issue ids for user not authorized

See merge request gitlab/gitlabhq!3264

Reusing the existing `IssuableBaseService#filter_params` which uses
the policies to determine what params a user can set, and which values
it can be set to.

This also removed the need for the seperate call to
`IssuableBaseService#ensure_milestone_available`.

The `Issues::BuildService` does not suffer from this because it limits
the params that are assignable to the `title`, `description` and
`milestone_id`.

Fix order-dependent spec failure in appearance_spec.rb

Closes #64083

See merge request gitlab-org/gitlab-ce!30323

Do not show moved issue id for users that cannot read issue

Removing API and frontend interactions that allowed
users to take ownership of a trigger token.

Removed mentions from the documentation.